IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Rochester Schools Identify Potential Cause of Cyber Attack

Officials at a school district in Minnesota believe a cyber attack in April was caused by a staff member either clicking on a bad link or reusing a password for their district account that they use for some other account.

(TNS) — Rochester Public Schools has clarified what it believes opened the door to the large-scale cyber attack that crippled the district's operations this spring.

Superintendent Kent Pekel spoke about the issue on Wednesday, Aug. 23, while giving a presentation about the district's upcoming technology referendum in November.

"We weren't negligent," Pekel said. "But clearly one of two things happened."

Pekel went on to say that someone either clicked on a link they shouldn't have. Or, they used the same password for a district account that they also used for some other account, such as one for social media.

If voters approve the district's funding request during the referendum, RPS would receive $10 million a year that it could dedicate toward tech-related needs. That new funding would subsequently free up $7 million the district already spends on technology which could then be spent on other needs.

While the technology funding would support devices for students and actual learning, it also could be used for security purposes — whether in the form of physical cameras in the schools or cybersecurity for the district's network.

"I think it highlighted the central role of technology in our school district for sure," Pekel said about the cyber attack. "It highlighted the fact that if we enhance and update our tech systems, it has powerful benefits for kids' education and also for us as an organization."

The cyber attack happened just prior to Easter weekend. The district shut down its network after an IT worker discovered unusual activity while working at 4 a.m.

Pekel said the district did a market comp study after "having newly appreciated how critical those roles are." The RPS employees in the department subsequently received a "reasonable" pay increase following the cyber attack.

Following the cyber attack, RPS also invested in a new security software called Arctic Wolf. Pekel described it as a "significant enhancement in cybersecurity."

"What the software is going to allow us to do is have much more aggressive authentication procedures and monitoring procedures," Pekel said, "so that when there is unusual activity on our network, we can spot it much much faster."

©2023 the Post-Bulletin. Distributed by Tribune Content Agency, LLC.